GitHub Enterprise Server up to 3.8/3.9.6/3.10.3/3.11.0 API improper authentication
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.7 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as critical has been discovered in GitHub Enterprise Server up to 3.8/3.9.6/3.10.3/3.11.0. This issue affects some unknown processing of the component API. The manipulation results in improper authentication. This vulnerability is reported as CVE-2023-6847. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.
Details
A vulnerability was found in GitHub Enterprise Server up to 3.8/3.9.6/3.10.3/3.11.0 (Bug Tracking Software). It has been classified as critical. Affected is an unknown functionality of the component API. The manipulation with an unknown input leads to a improper authentication vulnerability. CWE is classifying the issue as CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. This is going to have an impact on confidentiality. CVE summarizes:
An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode. This vulnerability affected all versions of GitHub Enterprise Server since 3.9 and was fixed in version 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.
The weakness was disclosed 12/22/2023 by Ahacker1. The advisory is available at docs.github.com. This vulnerability is traded as CVE-2023-6847 since 12/15/2023. The technical details are unknown and an exploit is not available.
Upgrading to version 3.9.7, 3.10.4 or 3.11.1 eliminates this vulnerability. The upgrade is hosted for download at docs.github.com.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.8VulDB Meta Temp Score: 6.7
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CNA Base Score: 7.5
CNA Vector (GitHub, Inc. (Products Only)): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improper authenticationCWE: CWE-287
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Enterprise Server 3.9.7/3.10.4/3.11.1
Timeline
12/15/2023 🔍12/21/2023 🔍
12/22/2023 🔍
01/18/2024 🔍
Sources
Advisory: docs.github.comResearcher: Ahacker1
Status: Confirmed
CVE: CVE-2023-6847 (🔍)
GCVE (CVE): GCVE-0-2023-6847
GCVE (VulDB): GCVE-100-248802
Entry
Created: 12/22/2023 00:36Updated: 01/18/2024 07:21
Changes: 12/22/2023 00:36 (53), 01/18/2024 07:21 (11)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.